Skip to main content

Microsoft Windows Kernel Could Allow Elevation of Privilege Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2010 5263 Views

RISK: Medium Risk

1. Windows Kernel Null Pointer Vulnerability

A denial of service vulnerability exists in the Windows kernel due to the insufficient validation of registry keys passed to a Windows kernel system call. An attacker could exploit the vulnerability by running a specially crafted application, causing the system to become unresponsive and automatically restart.

2. Windows Kernel Symbolic Link Value Vulnerability

A denial of service vulnerability exists in the Windows kernel due to the manner in which the kernel processes the values of symbolic links. An attacker could exploit the vulnerability by running a specially crafted application causing the system to become unresponsive and automatically restart.

3. Windows Kernel Memory Allocation Vulnerability

An elevation of privilege vulnerability exists in the Windows kernel due to the manner in which memory is allocated when extracting a symbolic link from a registry key. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

4. Windows Kernel Symbolic Link Creation Vulnerability

An elevation of privilege vulnerability exists when the Windows kernel does not properly restrict symbolic link creation between untrusted and trusted registry hives. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

5. Windows Kernel Registry Key Vulnerability

A denial of service vulnerability exists in the way that the Windows kernel validates registry keys. An attacker could exploit the vulnerability by running a specially crafted application causing the system to become unresponsive and automatically restart.

6. Windows Virtual Path Parsing Vulnerability

A denial of service vulnerability exists in the Windows kernel due to the way that the kernel resolves the real path for a registry key from its virtual path. An attacker could exploit the vulnerability by running a specially crafted application, causing the system to become unresponsive and automatically restart.

7. Windows Kernel Malformed Image Vulnerability

A denial of service vulnerability exists in the Windows kernel due to the improper validation of specially crafted image files. An attacker could exploit the vulnerability by running a specially crafted application causing the system to become unresponsive and automatically restart.

8. Windows Kernel Exception Handler Vulnerability

A denial of service vulnerability exists in the Windows kernel due to the way that the kernel handles certain exceptions. An attacker could exploit the vulnerability by running a specially crafted application, causing the system to become unresponsive and automatically restart.